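/**
 * Returns the groups in AD that match a SAM account type and a CN search pattern.
 *
 * The LDAP filter is assembled from caller-supplied values, so both values are
 * escaped for filter context before they are concatenated. The `*` wildcard is
 * deliberately left intact in $search because pattern matching on cn is the
 * documented use of this method; every other filter metacharacter is escaped.
 * Callers must therefore pass raw text, not pre-escaped filter fragments.
 *
 * @param string|int|null $sAMAaccountType The account type to return, or null for any type
 * @param bool $includeDescription Whether to return a description
 * @param string $search Pattern matched against cn; `*` acts as a wildcard
 * @param bool $sorted Whether to sort the results
 * @return array|bool A list of sAMAccountNames, or a sAMAccountName => description map when
 *                    $includeDescription is set; false when not bound or when the search fails
 */
public function search($sAMAaccountType = adLDAP::ADLDAP_SECURITY_GLOBAL_GROUP, $includeDescription = false, $search = "*", $sorted = true)
{
    if (!$this->adldap->getLdapBind()) {
        return false;
    }

    // ldap_escape() needs PHP >= 5.6. Without it a value such as "x)(cn=*" would
    // close the cn clause early and change what the filter matches.
    $filter = '(&(objectCategory=group)';
    if ($sAMAaccountType !== null) {
        $filter .= '(samaccounttype=' . ldap_escape((string) $sAMAaccountType, '', LDAP_ESCAPE_FILTER) . ')';
    }
    $filter .= '(cn=' . ldap_escape((string) $search, '*', LDAP_ESCAPE_FILTER) . '))';

    // Perform the search and grab all their details
    $fields = array("samaccountname", "description");
    $connection = $this->adldap->getLdapConnection();
    $sr = ldap_search($connection, $this->adldap->getBaseDn(), $filter, $fields);
    if ($sr === false) {
        // A failed search must not be handed on to ldap_get_entries().
        return false;
    }

    $entries = ldap_get_entries($connection, $sr);
    if (!is_array($entries)) {
        return false;
    }

    $groupsArray = array();
    for ($i = 0; $i < $entries["count"]; $i++) {
        $name = $entries[$i]["samaccountname"][0];

        if (!$includeDescription) {
            $groupsArray[] = $name;
            continue;
        }

        // The description attribute is only present on entries that have one set;
        // fall back to the account name when it is missing or empty.
        $hasDescription = isset($entries[$i]["description"][0])
            && strlen($entries[$i]["description"][0]) > 0;
        $groupsArray[$name] = $hasDescription ? $entries[$i]["description"][0] : $name;
    }

    if ($sorted) {
        asort($groupsArray);
    }

    return $groupsArray;
}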
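/**
 * Return a list of all contacts whose cn matches a search pattern.
 *
 * $search is concatenated into the LDAP filter, so it is escaped for filter
 * context first. The `*` wildcard is kept so that the default "*" and patterns
 * such as "Smi*" still work; other filter metacharacters are escaped. Callers
 * must pass raw text, not pre-escaped filter fragments.
 *
 * @param bool $includeDescription Include a description (the display name) of a contact
 * @param string $search Pattern matched against cn; `*` acts as a wildcard
 * @param bool $sorted Whether to sort the results
 * @return array|bool A list of distinguished names, or a DN => display name map when
 *                    $includeDescription is set; false when not bound or when the search fails
 */
public function all($includeDescription = false, $search = "*", $sorted = true)
{
    if (!$this->adldap->getLdapBind()) {
        return false;
    }

    // ldap_escape() needs PHP >= 5.6. Unescaped parentheses in $search would
    // otherwise let the caller's value rewrite the structure of the filter.
    $filter = "(&(objectClass=contact)(cn=" . ldap_escape((string) $search, '*', LDAP_ESCAPE_FILTER) . "))";

    // Perform the search and grab all their details
    $fields = array("displayname", "distinguishedname");
    $connection = $this->adldap->getLdapConnection();
    $sr = ldap_search($connection, $this->adldap->getBaseDn(), $filter, $fields);
    if ($sr === false) {
        // A failed search must not be handed on to ldap_get_entries().
        return false;
    }

    $entries = ldap_get_entries($connection, $sr);
    if (!is_array($entries)) {
        return false;
    }

    $usersArray = array();
    for ($i = 0; $i < $entries["count"]; $i++) {
        $dn = $entries[$i]["distinguishedname"][0];

        if (!$includeDescription) {
            $usersArray[] = $dn;
            continue;
        }

        // displayname is only present on entries that have one set; fall back
        // to the distinguished name when it is missing or empty.
        $hasDisplayName = isset($entries[$i]["displayname"][0])
            && strlen($entries[$i]["displayname"][0]) > 0;
        $usersArray[$dn] = $hasDisplayName ? $entries[$i]["displayname"][0] : $dn;
    }

    if ($sorted) {
        asort($usersArray);
    }

    return $usersArray;
}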
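/**
 * Get the last logon time of any user as a Unix timestamp.
 *
 * The value is read from the lastLogonTimestamp attribute returned by info()
 * and converted with adLDAPUtils::convertWindowsTimeToUnixTime().
 *
 * NOTE(review): in Active Directory lastLogonTimestamp is replicated lazily, so
 * treat the result as approximate; confirm it is precise enough before using
 * it for stale-account or access decisions.
 *
 * @param string $username
 * @return int|bool|string Unix timestamp; false when not bound or when the attribute
 *                         is unavailable; an error string when $username is null
 */
public function getLastLogon($username)
{
    if (!$this->adldap->getLdapBind()) {
        return false;
    }
    if ($username === null) {
        return "Missing compulsory field [username]";
    }

    $userInfo = $this->info($username, array("lastLogonTimestamp"));
    if (!is_array($userInfo) || !isset($userInfo[0])) {
        // Lookup failed or matched nothing: there is no timestamp to convert.
        return false;
    }

    // ldap_get_entries() lower-cases attribute names. Presumably info() returns
    // that raw structure (verify), so accept both spellings of the key instead of
    // converting an undefined value into a meaningless timestamp.
    $entry = $userInfo[0];
    if (isset($entry['lastLogonTimestamp'][0])) {
        $windowsTime = $entry['lastLogonTimestamp'][0];
    } elseif (isset($entry['lastlogontimestamp'][0])) {
        $windowsTime = $entry['lastlogontimestamp'][0];
    } else {
        // Attribute not present on the entry.
        return false;
    }

    return adLDAPUtils::convertWindowsTimeToUnixTime($windowsTime);
}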
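/**
 * Returns a list of Databases within any given storage group in Exchange for a given mail server.
 *
 * $storageGroup is used verbatim as the search base, so it should be a DN that
 * came from the directory itself rather than free-form input.
 *
 * @param string $storageGroup The full DN of an Storage Group. You can use exchange_storage_groups() to find the DN
 * @param array $attributes An array of the AD attributes you wish to return
 * @return array|bool|string The matching entries; false when not bound or when the search
 *                           fails; an error string when $storageGroup is null
 */
public function storageDatabases($storageGroup, $attributes = array('cn', 'distinguishedname', 'displayname'))
{
    if (!$this->adldap->getLdapBind()) {
        return false;
    }
    if ($storageGroup === NULL) {
        return "Missing compulsory field [storageGroup]";
    }

    $filter = '(&(objectCategory=msExchPrivateMDB))';
    $connection = $this->adldap->getLdapConnection();

    // Warnings stay suppressed as before, but the result is now checked: a failed
    // search returns false, and handing that to ldap_get_entries() is an error
    // that the @ operator does not hide on current PHP versions.
    $sr = @ldap_search($connection, $storageGroup, $filter, $attributes);
    if ($sr === false) {
        return false;
    }

    $entries = @ldap_get_entries($connection, $sr);

    return is_array($entries) ? $entries : false;
}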
/**
 * Get the groups a computer is in.
 *
 * Reads the computer's memberof attribute through info(), converts it with
 * niceNames() and, when recursion is enabled, appends whatever
 * recursiveGroups() reports for each direct group.
 *
 * NOTE(review): the result of info() is used without a check and its warnings
 * are suppressed, so a failed lookup passes an undefined value to niceNames();
 * confirm how niceNames() behaves in that case. Duplicates are not removed from
 * the merged list.
 *
 * @param string $computerName The name of the computer
 * @param bool|null $recursive Whether to check recursively; null uses the configured default
 * @return array|bool The group names, or false when no name is given or not bound
 */
public function groups($computerName, $recursive = NULL)
{
    if ($computerName === NULL) {
        return false;
    }

    // Use the configured default when the caller did not choose.
    $recursive = ($recursive === NULL) ? $this->adldap->getRecursiveGroups() : $recursive;

    if (!$this->adldap->getLdapBind()) {
        return false;
    }

    // Search the directory for the computer's entry; the first entry returned is
    // presumed to be the right one (unique names).
    $entry = @$this->info($computerName, array("memberof", "primarygroupid"));
    $directGroups = $this->adldap->utilities()->niceNames($entry[0]["memberof"]);

    if ($recursive !== true) {
        return $directGroups;
    }

    // Walk only the direct memberships; nested groups are appended to the result.
    $allGroups = $directGroups;
    foreach ($directGroups as $directGroup) {
        $allGroups = array_merge($allGroups, $this->adldap->group()->recursiveGroups($directGroup));
    }

    return $allGroups;
}
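/**
 * Returns a folder listing for a specific OU
 * See http://adldap.sourceforge.net/wiki/doku.php?id=api_folder_functions
 *
 * The filter selects one object class and excludes the search base itself.
 * The DN placed in that exclusion clause is escaped for filter context, so a
 * folder name containing a backslash, parenthesis or asterisk can no longer
 * change the structure of the filter.
 *
 * NOTE(review): $folderName and $dnType are still joined into the search base
 * without DN escaping. Presumably callers pass values that are already valid
 * RDN components; confirm this, and validate them before they reach this
 * method if they can originate from request data.
 *
 * @param array|null $folderName An array to the OU you wish to list.
 *                               If set to NULL will list the root, strongly recommended to set
 *                               $recursive to false in that instance!
 * @param string $dnType The type of record to list. This can be ADLDAP_FOLDER or ADLDAP_CONTAINER.
 * @param bool|null $recursive Recursively search sub folders; null uses the configured default
 * @param string|null $type Specify a type of object to search for: contact, computer, group,
 *                          folder, container or domain; any other value selects users
 * @return array|bool The matching entries, or false when not bound or when the search fails
 */
public function listing($folderName = NULL, $dnType = adLDAP::ADLDAP_FOLDER, $recursive = NULL, $type = NULL)
{
    // Use the default option if they haven't set it
    if ($recursive === NULL) {
        $recursive = $this->adldap->getRecursiveGroups();
    }

    if (!$this->adldap->getLdapBind()) {
        return false;
    }

    $filter = '(&';
    if ($type !== NULL) {
        switch ($type) {
            case 'contact':
                $filter .= '(objectClass=contact)';
                break;
            case 'computer':
                $filter .= '(objectClass=computer)';
                break;
            case 'group':
                $filter .= '(objectClass=group)';
                break;
            case 'folder':
                $filter .= '(objectClass=organizationalUnit)';
                break;
            case 'container':
                $filter .= '(objectClass=container)';
                break;
            case 'domain':
                $filter .= '(objectClass=builtinDomain)';
                break;
            default:
                $filter .= '(objectClass=user)';
                break;
        }
    } else {
        $filter .= '(objectClass=*)';
    }

    // If the folder name is null then we will search the root level of AD
    // This requires us to not have an OU= part, just the base_dn
    $baseDn = $this->adldap->getBaseDn();
    $searchOu = $baseDn;
    if (is_array($folderName)) {
        $ou = $dnType . "=" . implode("," . $dnType . "=", $folderName);
        $searchOu = $ou . ',' . $baseDn;
    }

    // Exclude the search base itself from the results. A DN used as a filter
    // value needs filter escaping (ldap_escape() requires PHP >= 5.6).
    $filter .= '(!(distinguishedname=' . ldap_escape($searchOu, '', LDAP_ESCAPE_FILTER) . ')))';

    $connection = $this->adldap->getLdapConnection();
    $attributes = array('objectclass', 'distinguishedname', 'samaccountname');

    // ldap_search() walks the whole subtree, ldap_list() only one level.
    if ($recursive === true) {
        $sr = ldap_search($connection, $searchOu, $filter, $attributes);
    } else {
        $sr = ldap_list($connection, $searchOu, $filter, $attributes);
    }
    if ($sr === false) {
        // A failed search must not be handed on to ldap_get_entries().
        return false;
    }

    $entries = @ldap_get_entries($connection, $sr);

    return is_array($entries) ? $entries : false;
}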